Update and rename next.yml to development-workflow.yml #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: development pipeline | |
| on: | |
| # Runs on pushes targeting the default branch | |
| push: | |
| branches: ["develop", "feature/*"] | |
| pull_request: | |
| branches: ["develop", "feature/*"] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| jobs: | |
| # Build job | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Detect package manager | |
| id: detect-package-manager | |
| run: | | |
| if [ -f "${{ github.workspace }}/yarn.lock" ]; then | |
| echo "manager=yarn" >> $GITHUB_OUTPUT | |
| echo "command=install" >> $GITHUB_OUTPUT | |
| echo "runner=yarn" >> $GITHUB_OUTPUT | |
| exit 0 | |
| elif [ -f "${{ github.workspace }}/package.json" ]; then | |
| echo "manager=npm" >> $GITHUB_OUTPUT | |
| echo "command=ci" >> $GITHUB_OUTPUT | |
| echo "runner=npx --no-install" >> $GITHUB_OUTPUT | |
| exit 0 | |
| else | |
| echo "Unable to determine package manager" >&2 | |
| exit 1 | |
| fi | |
| - name: Setup Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "20" | |
| cache: ${{ steps.detect-package-manager.outputs.manager }} | |
| - name: Restore cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| .next/cache | |
| # Generate a new cache whenever packages or source files change. | |
| key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} | |
| # If source files changed but packages didn't, rebuild from a prior cache. | |
| restore-keys: | | |
| ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- | |
| - name: Install dependencies | |
| run: ${{ steps.detect-package-manager.outputs.manager }} ${{ steps.detect-package-manager.outputs.command }} | |
| - name: Build with Next.js | |
| run: npm run build | |
| # Snyk security scan job | |
| snyk_scan: | |
| runs-on: ubuntu-latest | |
| needs: build # Ensure the build job completes before running Snyk scan | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Install Snyk CLI | |
| run: npm install -g snyk # Install Snyk CLI globally | |
| - name: Snyk security scan | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| run: | | |
| npx snyk test --all-projects --json > snyk-output.json | |
| echo "Snyk scan completed." | |
| - name: Upload Snyk results | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: snyk-results | |
| path: snyk-output.json |